7.5

CVE-2023-6535

Kernel: null pointer dereference in nvmet_tcp_execute_request

A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version-
RedhatEnterprise Linux Version8.0
RedhatEnterprise Linux Version9.0
RedhatEnterprise Linux Eus Version8.6
RedhatEnterprise Linux Eus Version9.2
RedhatEnterprise Linux For Arm 64 Eus Version8.6_aarch64
RedhatEnterprise Linux For Arm 64 Eus Version9.2_aarch64
RedhatVirtualization Host Version4.0
   RedhatEnterprise Linux Version8.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.55% 0.718
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
secalert@redhat.com 6.5 2.8 3.6
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.

https://access.redhat.com/errata/RHSA-2024:0724
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
https://access.redhat.com/errata/RHSA-2024:2094
https://access.redhat.com/errata/RHSA-2024:0723
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0725
Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:0881
https://access.redhat.com/errata/RHSA-2024:0897
https://access.redhat.com/errata/RHSA-2024:1248
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZFYW6R64GPLUOXSQBJI3JBUX3HGLAYPP/
https://access.redhat.com/errata/RHSA-2024:3810
https://access.redhat.com/security/cve/CVE-2023-6535
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2254053
Issue Tracking
https://security.netapp.com/advisory/ntap-20240415-0003/